159.89.138.163

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
159.89.138.235	attack	TCP (SYN) 159.89.138.235:57212 -> port 9100, len 44	2020-05-24 19:22:50
159.89.138.85	attack	Unauthorized connection attempt detected from IP address 159.89.138.85 to port 8088	2019-12-17 05:48:02
159.89.138.85	attack	Scanning random ports - tries to find possible vulnerable services	2019-12-02 06:40:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.138.163
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26054
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.89.138.163.			IN	A

;; AUTHORITY SECTION:
.			147	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 19:32:39 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 163.138.89.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 163.138.89.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.189.116.164	attackbots	Brute forcing email accounts	2020-05-03 03:23:49
89.248.167.141	attack	May 2 21:07:12 debian-2gb-nbg1-2 kernel: \[10705339.195601\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.248.167.141 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=57210 PROTO=TCP SPT=59952 DPT=3088 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-03 03:20:00
189.139.15.47	attackspam	Unauthorized connection attempt detected from IP address 189.139.15.47 to port 8080	2020-05-03 03:09:46
59.120.227.134	attackbots	May 2 20:27:40 jane sshd[1027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.120.227.134 May 2 20:27:42 jane sshd[1027]: Failed password for invalid user qd from 59.120.227.134 port 58850 ssh2 ...	2020-05-03 03:26:42
111.39.204.136	attack	May 2 08:07:57 mail sshd\[14524\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.39.204.136 user=root ...	2020-05-03 03:02:38
178.62.23.108	attackbots	Invalid user jiang from 178.62.23.108 port 51940	2020-05-03 03:16:13
122.51.134.52	attackspam	May 2 17:03:24 ns382633 sshd\[2328\]: Invalid user xusen from 122.51.134.52 port 54538 May 2 17:03:24 ns382633 sshd\[2328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.134.52 May 2 17:03:26 ns382633 sshd\[2328\]: Failed password for invalid user xusen from 122.51.134.52 port 54538 ssh2 May 2 17:33:39 ns382633 sshd\[7834\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.134.52 user=root May 2 17:33:41 ns382633 sshd\[7834\]: Failed password for root from 122.51.134.52 port 36052 ssh2	2020-05-03 03:07:45
92.63.196.3	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-03 03:12:07
213.96.16.202	attackspam	Unauthorized connection attempt detected from IP address 213.96.16.202	2020-05-03 03:35:03
128.199.143.58	attackspam	Invalid user web from 128.199.143.58 port 48226	2020-05-03 03:27:34
129.226.70.74	attack	20 attempts against mh-misbehave-ban on pluto	2020-05-03 03:26:12
157.230.170.78	attack	157.230.170.78 - - [02/May/2020:15:09:46 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.230.170.78 - - [02/May/2020:15:09:52 +0200] "POST /wp-login.php HTTP/1.1" 200 5953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.230.170.78 - - [02/May/2020:15:09:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-03 03:11:33
159.203.30.208	attack	Found by fail2ban	2020-05-03 03:10:40
112.85.42.89	attackspam	May 2 21:06:31 ns381471 sshd[25977]: Failed password for root from 112.85.42.89 port 43874 ssh2	2020-05-03 03:22:02
112.118.176.225	attack	Honeypot attack, port: 5555, PTR: n112118176225.netvigator.com.	2020-05-03 03:04:30

Recently Reported IPs

159.89.138.236	159.89.139.204	159.89.136.87	159.89.140.120
159.89.139.244	159.89.137.36	159.89.140.4	159.89.142.11
159.89.145.175	159.89.145.242	159.89.143.83	159.89.148.25
159.89.149.134	159.89.144.27	159.89.151.92	159.89.151.211
159.89.152.229	159.89.153.107	159.89.153.145	159.89.156.102